Posts

Avoiding HTML injections and Cross Site Attacks on Input Fields

Django templates are often used to pass data to JavaScript code. Unfortunately, if implemented incorrectly, this opens up the possibility of HTML injection, and thus XSS (Cross-Site Scripting) attacks. This is one of the most common security problems I’ve encountered on Django projects. In fact I’ve probably seen it on every considerably-sized Django project, in some form or another. Also, not naming and shaming, but I’ve also seen it in lots of community resources. This includes conference talks, blog posts, and Stack Overflow answers. It’s hard to get right! It’s also been historically difficult, since it’s only Django 2.1 that added the json_script template tag to do this securely. (And the ticket was open six years!) Let’s look at the problem and how we can fix it with json_script. The Vulnerable Way Let’s take this view: from django.shortcuts import render def index ( request ): mydata = get_mydata () return render ( request , 'index.html' , cont

How to dockerize Django Web application

Hey there, welcome! In this article, I am going to teach you how to package and distribute an API built in Django and Django REST Framework, using Docker containers. For this article, I used an API I built in part 1 and part 2 of my articles on Django REST Framework (DRF). However, if you already have an existing Django project you want to containerize right away, you can also follow along as we go, step by step. What is Docker? Docker is an open platform that performs operating-system-level virtualization, also known as containerization. Container Vs Virtual Machine — Image Credit: Docker To help you put this into perspective, let’s compare Docker to a Virtual Machine (VM) like VirtualBox; a VM will take physical resources like RAM, CPU, network cards, etc. and “slice and dice” them into virtual resources. It then provides the virtual resources on top of a hypervisor as smaller Virtual Machines that look and feel like a normal physical computer where you can then in